Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2023-50422
SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.
| Software | From | Fixed in |
|---|---|---|
| sap / cloud-security-services-integration-library | - | 2.17.0 |
| sap / cloud-security-services-integration-library | 3.0.0 | 3.3.0 |
com.sap.cloud.security / java-security
|
- | 2.17.0 |
|
com.sap.cloud.security / java-security
|
3.0.0 | 3.3.0 |
|
com.sap.cloud.security.xsuaa / spring-xsuaa
|
- | 2.17.0 |
|
com.sap.cloud.security.xsuaa / spring-xsuaa
|
3.0.0 | 3.3.0 |
|
com.sap.cloud.security / spring-security
|
- | 2.17.0 |
|
com.sap.cloud.security / spring-security
|
3.0.0 | 3.3.0 |
- https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067
- https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/
- https://github.com/SAP/cloud-security-services-integration-library/
- https://github.com/SAP/cloud-security-services-integration-library/security/advisories/GHSA-59c9-pxq8-9c73
- https://me.sap.com/notes/3411067
- https://me.sap.com/notes/3413475
- https://mvnrepository.com/artifact/com.sap.cloud.security.xsuaa/spring-xsuaa
- https://mvnrepository.com/artifact/com.sap.cloud.security/java-security
- https://mvnrepository.com/artifact/com.sap.cloud.security/spring-security
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html